Network & Information Technology

Algorithm for HTTP server prevent


Name: RegNo:
Iyyavu.M 17BIT0349
Vignesh.S 17BIT0358
Baskaran.V 17BIT0354

Xerosploit - A Man-In-The-Middle Attack Framework

Introduction to Xerosploit

Xerosploit is a penetration testing toolkit whose goal is to perform man-in-the-middle attacks for testing purposes. It brings various modules that allow efficient attacks to be carried out, and also supports denial-of-service attacks and port scanning. It is powered by bettercap and nmap.

Dependencies

nmap
hping3
build-essential
ruby-dev
libpcap-dev
libgmp3-dev
tabulate
terminaltables

Built with various features:

Port scanning
Network mapping
DoS attack
HTML code injection
JavaScript code injection
Download interception and replacement
Sniffing
DNS spoofing
Background audio reproduction
Image replacement
Driftnet
Webpage defacement and more

Man-In-The-Middle

A man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

Xerosploit Installation

Xerosploit is an attack tool for MITM that runs only on Linux. To install it, follow these simple steps:

Open up a terminal and type:

git clone https://github.com/LionSec/xerosploit.git
cd xerosploit
./install.py

It will ask you to choose your operating system; here we press 1 for Kali Linux.

The image above shows the grid list of man-in-the-middle attack commands:

scan

This command scans the complete network and finds all devices on your network.

As you can observe, it has scanned all the active hosts. There are many hosts in this network; you have to choose your target from the given result. I am going to select 192.168.1.105 for the man-in-the-middle attack.

Sniff

Now run the following module to sniff all the traffic of the victim with the command:

sniff

Then enter the following command to execute that module:

run

Now it will ask whether you want to use SSLSTRIP to strip HTTPS URLs down to HTTP so that we can catch the login credentials in clear text. So enter y.
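
A defender's check for the HTTPS-to-HTTP stripping described above, as an added example that is not part of the original document: it audits a site's plain-HTTP and HTTPS response headers for the gaps that make stripping work. The sample responses, the host shop.example and the 180-day max-age threshold are constructed assumptions.

```python
import re

MIN_HSTS_AGE = 15552000  # 180 days; assumed policy threshold, not from the page

# Constructed sample responses (hypothetical host shop.example).
WEAK_HTTP = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<form action='/login'>"
WEAK_HTTPS = "HTTP/1.1 200 OK\r\nSet-Cookie: sid=abc123; HttpOnly\r\n\r\n"
GOOD_HTTP = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://shop.example/\r\n\r\n"
GOOD_HTTPS = ("HTTP/1.1 200 OK\r\n"
              "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
              "Set-Cookie: sid=abc123; Secure; HttpOnly\r\n\r\n")

def parse_head(raw):
    """Return (status_code, [(lower-cased name, value), ...]) for a raw response."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers

def values(headers, name):
    """All values of one header, in order of appearance."""
    return [v for n, v in headers if n == name]

def audit(http_raw, https_raw):
    """List the gaps that let an on-path attacker keep a victim on plain HTTP."""
    findings = []
    status, headers = parse_head(http_raw)
    location = (values(headers, "location") or [""])[0]
    # Policy assumption: only a permanent redirect (301/308) to https passes.
    if status not in (301, 308) or not location.lower().startswith("https://"):
        findings.append("http: no permanent redirect to https")
    status, headers = parse_head(https_raw)
    hsts = values(headers, "strict-transport-security")
    if not hsts:
        findings.append("https: Strict-Transport-Security header missing")
    else:
        match = re.search(r"max-age\s*=\s*\"?(\d+)", hsts[0], re.I)
        if not match or int(match.group(1)) < MIN_HSTS_AGE:
            findings.append("https: HSTS max-age missing or too short")
    for cookie in values(headers, "set-cookie"):
        attrs = [a.strip().lower() for a in cookie.split(";")[1:]]
        if "secure" not in attrs:
            findings.append("https: cookie '%s' lacks the Secure attribute"
                            % cookie.split("=", 1)[0])
    return findings
```

HSTS only takes effect after a browser has seen the header once over a valid HTTPS connection, so the first visit on a hostile network is still exposed unless the domain is preloaded.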
In cryptography and computer security, a man-in-the-middle attack
(MITM) is an attack where the attacker secretly relays and possibly
alters the communications between two parties who believe they are
directly communicating with each other.

How SSL works?
As you learned in the previous chapter, HTTPS uses the SSL protocol to secure the communication by transferring encrypted data. Before going deeper, learn how SSL works.

SSL fundamentally works with the following concepts:

1. Asymmetric Cryptography
2. Symmetric Cryptography

Asymmetric Cryptography
Asymmetric cryptography (also known as Asymmetric Encryption or
Public Key Cryptography) uses a mathematically-related key pair to
encrypt and decrypt data. In a key pair, one key is shared with anyone
who is interested in a communication. This is called Public Key. The
other key in the key pair is kept secret and is called Private Key.

Here, the keys refer to mathematical values created using a mathematical algorithm which encrypts or decrypts the data.

In asymmetric cryptography, the data can be signed with a private key, which can only be decrypted using the related public key in the pair.

[Figure: Asymmetric Cryptography]

SSL uses asymmetric cryptography to initiate the communication, which is known as the SSL handshake. The most commonly used asymmetric key encryption algorithms include ElGamal, RSA, DSA, elliptic curve techniques and PKCS.

Symmetric Cryptography
In symmetric cryptography, there is only one key, which both encrypts and decrypts the data. Both sender and receiver should have this key, which is known only to them.

[Figure: Symmetric Cryptography]

SSL uses symmetric cryptography using the session key after the initial
handshake is done. The most widely used symmetric algorithms are
AES-128, AES-192 and AES-256.

Data Transfer over SSL


SSL protocol uses asymmetric and symmetric cryptography to transfer
data securely. The following figure illustrates the steps of SSL
communication:

[Figure: SSL Communication]

As you can see in the above figure, SSL communication between the
browser and the web server (or any other two systems) is mainly
divided into two steps: the SSL handshake and the actual data transfer.

Attacking Secure Sockets Layer

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols used to provide secure communications across the Internet.

These protocols have been widely used in secure applications like Internet messaging and e-mail, web browsing, and voice-over-IP.

These protocols are used across the Internet; they were started in the mid-1990s and are increasingly coming under attack. SSL Version 2.0 (Version 1.0 was never publicly released) contains a significant number of flaws that can be exploited, such as poor key, and is vulnerable to man-in-the-middle attacks.

Although most users use the Version 3.0 protocol and the newer versions of TLS, a misconfiguration can still lead to vulnerability.

Install quilt, a program used to manage multiple patches to an application's source code, using the following command:

root@kali:~# apt-get install devscripts quilt

Download the openssl source code, apply the patches, update the configuration files, and then rebuild the application. Use the following commands:

root@kali:~# apt-get source openssl
root@kali:~# cd openssl-1.0.1e
root@kali:~/openssl-1.0.1e# quilt pop -a

How to Prevent:

If you are on a public network (internet cafe, unsecured hotspot, etc.), minimize logging in to your personal accounts.

Using VPN

What is a VPN and how does it work?


A VPN is a series of virtual connections routed over the internet which
encrypts your data as it travels back and forth between your client
machine and the internet resources you're using, such as web servers. Many
internet protocols have built-in encryption, such as HTTPS, SSH, NNTPS,
and LDAPS. So assuming that everything involved is working properly, if
you use those ports over a VPN connection, your data is encrypted at least
twice!

Many enterprises will insist that their employees use their VPN if
they're working remotely by connecting to their office network from
home. Sometimes people will use a VPN when they're using BitTorrent
to pirate media so that they don't get caught and their ISP can't stop
them. I don't condone piracy. But to those people, I strongly suggest
avoiding VPNs which are advertised through ads on The Pirate Bay as
they are likely not what they seem and may even be malicious.
Sometimes people use VPNs because they're understandably conscious of their everyday security. That's an excellent reason to use them.

PCs, smartphones, tablets, dedicated servers, and even some IoT devices can be endpoints for a VPN connection. Most of the time, your client will need to use a VPN connection application. Some routers also have built-in VPN clients. Unlike proxy networks such as Tor, VPNs shouldn't noticeably slow down your internet traffic under usual circumstances. But some VPNs are faster than others, and one of the most important factors is how many VPN clients are using a VPN server at any given time.
